XBox One joins the Microsoft world for blind updating on Patch Tuesday

Article

My Comments

Due to a very strong security reality, the IT industry ins pushing a requirement for companies who make dedicated-purpose devices like games consoles and network infrastructure devices to have a continual software-revision process.

This is involving a requirement to develop and deliver software updates and patches as soon as they are aware of any bugs and security exploits. The preferred installation for these updates is to have a totally hands-off approach that occurs whenever the device is connected to the Internet.

This is becoming more important not just to protect games software against piracy, but to protect users’ privacy especially as games consoles are being capable of working with cameras and microphones and being part of online-gaming ecosystems where players’ details are being hosted online or on the device’s secondary storage. Similarly these devices are being part of the online-entertainment and home-network ecosystem which gives them access network-connected devices and online services.

Microsoft has extended the approach they have with the Windows platform and brought the XBox One games console in to the software-update rhythm that is known as “Patch Tuesday”. This is where Microsoft delivers all the software updates and patches for the Windows platform on the second Tuesday of every month rather than on an ad-hoc pattern. It creates a level of predictability when it comes to keeping your computer’s operating software up-to-date and in most home and small-business setups, it is effectively a hands-off “blind update” but may require a computer to be restarted.

It is part of running XBox One on a Windows 10 codebase which will expose it to the same kind of vulnerabilities as a “regular” computer. As well, the XBox One will also end up being one of the platforms covered by Microsoft’s bug-bounty programs where computer users are paid to “smoke out” bugs in their computer software. This places importance on having operating software that is kept regularly patched and updated. It also shows that games consoles, like other computing devices can be vulnerable to bugs that can expose security weaknesses or can be vulnerable to “zero-day” security exploits that aren’t discovered by the software developer.

What could this eventually mean for software updating as far as games-consoles and similar devices go? This could put the pressure for manufacturers to develop a continual software-update rhythm including bug-bounty / vulnerability-reward programs and even push for longer software life cycles.